Act

Alert

FDR is equipped with several key alerting mechanisms including real-time alerts generated by 0day activity and retrospective alerts which identify 0day activity already present within a network environment.

Decorate

FDR operates against web, email, and network traffic. Email traffic deserves special attention, however, as it is the primary conduit where end-user interaction occurs. To that end, a key part of the FDR solution is email banners. Driven by thousands of signatures, thousands of heuristics, hundreds of ML-models, and dozens of technologies, banners provide simple, color-coded email risk indicators to users. Currently FDR supports roughly two dozen banners ranging from red (danger) to yellow (caution) - each tunable from terse to verbose. Banners are generated from InQuest's threat scoring algorithm and take into consideration customer-specific detection logic, threat intelligence, and integrations. Additionally, email banners help provide end-user awareness and training - effectively deploying a security engineer over the shoulder of each user.

Block

FDR has several blocking mechanisms. Emails and attachments can be blocked from delivery. Malicious web traffic can be blocked via ICAP cache/proxy. Network traffic can be blocked by invoking IPs and domains (via FDR GUI) to a third party IPS. As an example, a security analyst could see something he doesn't like in the FDR GUI, then instantly block an IP address (via FDR’s TippingPoint integration) for a prescribed period of time.

Leverage FDR Features for Your Security Solution Needs

Overview

What is FDR?

Technology

Core Features

Benefits

Differentiation

Solutions

Solutions

File-borne Attack Use Cases

Threat Hunting Use Cases

SOC ROI Use Cases

Products & Services

Products

Services

Pricing

Resources

Company

Act

Alert

Decorate

Block